CVEs from 2025
Total
8,965
critical
critical 1,368
high
high 2,067
medium
medium 2,068
low
low 204
% Critical
15.3%
% with KEV
2.0%
% with exploit
2.8%
Top vendors
- qualcomm 1,123
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- redhat 110
- microsoft 107
- portabilis 94
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-30400 | unknown | — | 1.5 | 1y ago | Microsoft Windows DWM Core Library contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-32709 | unknown | — | 1.5 | 1y ago | Microsoft Windows Ancillary Function Driver for WinSock contains a use-after-free vulnerability that allows an authorized attacker to escalate privileges to administrator. | |||
| CVE-2025-32701 | unknown | — | 1.5 | 1y ago | Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-47729 | unknown | — | 1.5 | 1y ago | TeleMessage TM SGNL contains a hidden functionality vulnerability in which the archiving backend holds cleartext copies of messages from TM SGNL application users. | |||
| CVE-2025-35939 | unknown | — | 1.5 | 1y ago | Craft CMS contains an external control of assumed-immutable web parameter vulnerability. This vulnerability could allow an unauthenticated client to introduce arbitrary values, such as PHP code, to a… | |||
| CVE-2025-34028 | unknown | — | 1.5 | 1y ago | Commvault Command Center contains a path traversal vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code. | |||
| CVE-2025-31324 | unknown | — | 1.5 | 1y ago | SAP NetWeaver Visual Composer Metadata Uploader contains an unrestricted file upload vulnerability that allows an unauthenticated agent to upload potentially malicious executable binaries. | |||
| CVE-2025-3928 | unknown | — | 1.5 | 1y ago | Commvault Web Server contains an unspecified vulnerability that allows a remote, authenticated attacker to create and execute webshells. | |||
| CVE-2025-42599 | unknown | — | 1.5 | 1y ago | Qualitia Active! Mail contains a stack-based buffer overflow vulnerability that allows a remote, unauthenticated attacker to execute arbitrary or trigger a denial-of-service via a specially crafted r… | |||
| CVE-2025-1976 | unknown | — | 1.5 | 1y ago | Broadcom Brocade Fabric OS contains a code injection vulnerability that allows a local user with administrative privileges to execute arbitrary code with full root privileges. | |||
| CVE-2025-31201 | unknown | — | 1.5 | 1y ago | Apple iOS, iPadOS, macOS, and other Apple products contain an arbitrary read and write vulnerability that allows an attacker to bypass Pointer Authentication. | |||
| CVE-2025-31200 | unknown | — | 1.5 | 1y ago | Apple iOS, iPadOS, macOS, and other Apple products contain a memory corruption vulnerability that allows for code execution when processing an audio stream in a maliciously crafted media file. | |||
| CVE-2025-29824 | unknown | — | 1.5 | 1y ago | Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-31125 | unknown | — | 1.5 | 1y ago | Vite Vitejs contains an improper access control vulnerability that exposes content of non-allowed files using ?inline&import or ?raw?import. Only apps explicitly exposing the Vite dev server to the n… | |||
| CVE-2025-30154 | unknown | — | 1.5 | 1y ago | reviewdog action-setup GitHub Action contains an embedded malicious code vulnerability that dumps exposed secrets to Github Actions Workflow Logs. | |||
| CVE-2025-1316 | unknown | — | 1.5 | 1y ago | Edimax IC-7100 IP camera contains an OS command injection vulnerability due to improper input sanitization that allows an attacker to achieve remote code execution via specially crafted requests. The… | |||
| CVE-2025-30066 | unknown | — | 1.5 | 1y ago | tj-actions/changed-files GitHub Action contains an embedded malicious code vulnerability that allows a remote attacker to discover secrets by reading Github Actions Workflow Logs. These secrets may i… | |||
| CVE-2025-24472 | unknown | — | 1.5 | 1y ago | Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests. | |||
| CVE-2025-21590 | unknown | — | 1.5 | 1y ago | Juniper Junos OS contains an improper isolation or compartmentalization vulnerability. This vulnerability could allows a local attacker with high privileges to inject arbitrary code. | |||
| CVE-2025-24993 | unknown | — | 1.5 | 1y ago | Microsoft Windows New Technology File System (NTFS) contains a heap-based buffer overflow vulnerability that allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-24991 | unknown | — | 1.5 | 1y ago | Microsoft Windows New Technology File System (NTFS) contains an out-of-bounds read vulnerability that allows an authorized attacker to disclose information locally. | |||
| CVE-2025-24984 | unknown | — | 1.5 | 1y ago | Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive Information into log file vulnerability that allows an unauthorized attacker to disclose information with a phys… | |||
| CVE-2025-24983 | unknown | — | 1.5 | 1y ago | Microsoft Windows Win32 Kernel Subsystem contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-24985 | unknown | — | 1.5 | 1y ago | Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-25181 | unknown | — | 1.5 | 1y ago | Advantive VeraCore contains a SQL injection vulnerability in timeoutWarning.asp that allows a remote attacker to execute arbitrary SQL commands via the PmSess1 parameter. | |||
| CVE-2025-22226 | unknown | — | 1.5 | 1y ago | VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. Successful exploitation allows an attacker with administrative privileges to… | |||
| CVE-2025-22225 | unknown | — | 1.5 | 1y ago | VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leading to an escape of t… | |||
| CVE-2025-22224 | unknown | — | 1.5 | 1y ago | VMware ESXi and Workstation contain a time-of-check time-of-use (TOCTOU) race condition vulnerability that leads to an out-of-bounds write. Successful exploitation enables an attacker with local admi… | |||
| CVE-2025-24989 | unknown | — | 1.5 | 1y ago | Microsoft Power Pages contains an improper access control vulnerability that allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control. | |||
| CVE-2025-0111 | unknown | — | 1.5 | 1y ago | Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with network access to the management web interfac… | |||
| CVE-2025-0108 | unknown | — | 1.5 | 1y ago | Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacker with network access to the management … | |||
| CVE-2025-24200 | unknown | — | 1.5 | 1y ago | Apple iOS and iPadOS contains an incorrect authorization vulnerability that allows a physical attacker to disable USB Restricted Mode on a locked device. | |||
| CVE-2025-21418 | unknown | — | 1.5 | 1y ago | Microsoft Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. | |||
| CVE-2025-21391 | unknown | — | 1.5 | 1y ago | Microsoft Windows Storage contains a link following vulnerability that could allow for privilege escalation. This vulnerability could allow an attacker to delete data including data that results in t… | |||
| CVE-2025-0994 | unknown | — | 1.5 | 1y ago | Trimble Cityworks contains a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer's Microsoft Internet Information Servic… | |||
| CVE-2025-0411 | unknown | — | 1.5 | 1y ago | 7-Zip contains a protection mechanism failure vulnerability that allows remote attackers to bypass the Mark-of-the-Web security feature to execute arbitrary code in the context of the current user. | |||
| CVE-2025-23006 | unknown | — | 1.5 | 1y ago | SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, unauthenticated attacke… | |||
| CVE-2025-23209 | unknown | — | 1.5 | 1y ago | Craft CMS contains a code injection vulnerability caused by improper validation of the database backup path, ultimately enabling remote code execution. | |||
| CVE-2025-21334 | unknown | — | 1.5 | 1y ago | Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges. | |||
| CVE-2025-21335 | unknown | — | 1.5 | 1y ago | Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges. | |||
| CVE-2025-37928 | unknown | — | 1.0 | — | In the Linux kernel, the following vulnerability has been resolved: dm-bufio: don't schedule in atomic context A BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and try_verify_in_tasklet a… | |||
| CVE-2025-64459 | unknown | — | 1.0 | 7mo ago | Django vulnerable to SQL injection via _connector keyword argument in QuerySet and Q objects. | |||
| CVE-2025-32429 | unknown | — | 1.0 | 11mo ago | XWiki Platform vulnerable to SQL injection through getdeleteddocuments.vm template sort parameter | |||
| CVE-2025-50481 | unknown | — | 1.0 | 11mo ago | Mezzanine CMS vulnerable to Cross-site Scripting | |||
| CVE-2025-27533 | unknown | — | 1.0 | 1y ago | Apache ActiveMQ: Unchecked buffer length can cause excessive memory allocation | |||
| CVE-2025-1550 | unknown | — | 1.0 | 1y ago | Arbitrary Code Execution via Crafted Keras Config for Model Loading | |||
| CVE-2025-68255 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing The Supported Rates IE length from an incoming Association… | |||
| CVE-2025-21770 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iommu: Fix potential memory leak in iopf_queue_remove_device() The iopf_queue_remove_device() helper removes a device from the pe… | |||
| CVE-2025-67724 | unknown | — | — | — | Tornado is a Python web framework and asynchronous networking library. In versions 6.5.2 and below, the supplied reason phrase is used unescaped in HTTP headers (where it could be used for header inj… | |||
| CVE-2025-21809 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix peer hash locking vs RCU callback In its address list, afs now retains pointers to and refs on one or more rxrpc_… | |||
| CVE-2025-21854 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: sockmap, vsock: For connectible sockets allow only connected sockmap expects all vsocks to have a transport assigned, which is ex… | |||
| CVE-2025-7464 | unknown | — | — | — | A vulnerability classified as problematic has been found in osrg GoBGP up to 3.37.0. Affected is the function SplitRTR of the file pkg/packet/rtr/rtr.go. The manipulation leads to out-of-bounds read.… | |||
| CVE-2025-21877 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usbnet: gl620a: fix endpoint checking in genelink_bind() Syzbot reports [1] a warning in usb_submit_urb() triggered by inconsiste… | |||
| CVE-2025-68253 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm: don't spin in add_stack_record when gfp flags don't allow syzbot was able to find the following path: add_stack_record_to_l… | |||
| CVE-2025-21907 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm: memory-failure: update ttu flag inside unmap_poisoned_folio Patch series "mm: memory_failure: unmap poisoned folio during mig… | |||
| CVE-2025-21910 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: regulatory: improve invalid hints checking Syzbot keeps reporting an issue [1] that occurs when erroneous symbols… | |||
| CVE-2025-21930 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't try to talk to a dead firmware This fixes: bad state = 0 WARNING: CPU: 10 PID: 702 at drivers/net/wi… | |||
| CVE-2025-21977 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fbdev: hyperv_fb: Fix hang in kdump kernel when on Hyper-V Gen 2 VMs Gen 2 Hyper-V VMs boot via EFI and have a standard EFI frame… | |||
| CVE-2025-21984 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm: fix kernel BUG when userfaultfd_move encounters swapcache userfaultfd_move() checks whether the PTE entry is present or a swa… | |||
| CVE-2025-68249 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: most: usb: hdm_probe: Fix calling put_device() before device initialization The early error path in hdm_probe() can jump to err_f… | |||
| CVE-2025-22023 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don't skip on Stopped - Length Invalid Up until commit d56b0b2ab142 ("usb: xhci: ensure skipped isoc TDs are returned … | |||
| CVE-2025-22022 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints Two clearly different specimens of NEC uPD720200 (one with start/stop… | |||
| CVE-2025-22024 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nfsd: fix management of listener transports Currently, when no active threads are running, a root user using nfsdctl command can … | |||
| CVE-2025-22033 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: arm64: Don't call NULL in do_compat_alignment_fixup() do_alignment_t32_to_handler() only fixes up alignment faults for specific i… | |||
| CVE-2025-22053 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: ibmveth: make veth_pool_store stop hanging v2: - Created a single error handling unlock and exit in veth_pool_store - Greatl… | |||
| CVE-2025-22061 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix qid report in airoha_tc_get_htb_get_leaf_queue() Fix the following kernel warning deleting HTB offloaded leafs a… | |||
| CVE-2025-68248 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: vmw_balloon: indicate success when effectively deflating during migration When migrating a balloon page, we first deflate the old… | |||
| CVE-2025-68254 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing The Extended Supported Rates (ESR) IE handling in OnBeacon … | |||
| CVE-2025-22090 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range() If track_pfn_copy() fails, we already added the dst VMA to… | |||
| CVE-2025-22102 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix kernel panic during FW release This fixes a kernel panic seen during release FW in a stress test scenar… | |||
| CVE-2025-22115 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() Block group creation is done in two phases, which res… | |||
| CVE-2025-37745 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Avoid deadlock in hibernate_compressor_param_set() syzbot reported a deadlock in lock_system_sleep() (see below). … | |||
| CVE-2025-37754 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/i915/huc: Fix fence not released on early probe errors HuC delayed loading fence, introduced with commit 27536e03271da ("drm/… | |||
| CVE-2025-26845 | unknown | — | — | — | An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the configuration file can use this to execute a command executed by the user running the backup.pl script. | |||
| CVE-2025-26847 | unknown | — | — | — | An issue was discovered in Znuny before 7.1.5. When generating a support bundle, not all passwords are masked. | |||
| CVE-2025-37761 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix an out-of-bounds shift when invalidating TLB When the size of the range invalidated is larger than rounddown_pow_of_t… | |||
| CVE-2025-37765 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix ttm_bo_delayed_delete oops Fix an oops in ttm_bo_delayed_delete which results from dererencing a dangling… | |||
| CVE-2025-52204 | unknown | — | — | — | A Cross-Site Scripting (XSS) vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter | |||
| CVE-2025-37780 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: isofs: Prevent the use of too small fid syzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1] The handle_bytes va… | |||
| CVE-2025-37806 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Keep write operations atomic syzbot reported a NULL pointer dereference in __generic_file_write_iter. [1] Before the w… | |||
| CVE-2025-37827 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: return EIO on RAID1 block group write pointer mismatch There was a bug report about a NULL pointer dereference in _… | |||
| CVE-2025-11563 | unknown | — | — | — | URLs containing percent-encoded slashes (`/` or `\`) can trick wcurl into saving the output file outside of the current directory without the user explicitly asking for it. This flaw only affects th… | |||
| CVE-2025-68321 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: page_pool: always add GFP_NOWARN for ATOMIC allocations Driver authors often forget to add GFP_NOWARN for page allocation from th… | |||
| CVE-2025-68320 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix sleeping in atomic context The following warning was seen when we try to connect using ssh to the device. BUG: slee… | |||
| CVE-2025-68322 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: parisc: Avoid crash due to unaligned access in unwinder Guenter Roeck reported this kernel crash on his emulated B160L machine: … | |||
| CVE-2025-68324 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: imm: Fix use-after-free bug caused by unfinished delayed work The delayed work item 'imm_tq' is initialized in imm_attach()… | |||
| CVE-2025-68326 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Fix stack_depot usage Add missing stack_depot_init() call when CONFIG_DRM_XE_DEBUG_GUC is enabled to fix the followin… | |||
| CVE-2025-68328 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-svc: fix bug in saving controller data Fix the incorrect usage of platform_set_drvdata and dev_set_drvdata. T… | |||
| CVE-2025-68319 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netconsole: Acquire su_mutex before navigating configs hierarchy There is a race between operations that iterate over the userdat… | |||
| CVE-2025-68330 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iio: accel: bmc150: Fix irq assumption regression The code in bmc150-accel-core.c unconditionally calls bmc150_accel_set_interrup… | |||
| CVE-2025-68331 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer When a UAS device is unplugged durin… | |||
| CVE-2025-68334 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Add support for Van Gogh SoC The ROG Xbox Ally (non-X) SoC features a similar architecture to the Steam Dec… | |||
| CVE-2025-68335 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel() Syzbot identified an issue [1] in pcl818_ai_cancel(), which stems from t… | |||
| CVE-2025-68336 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: locking/spinlock/debug: Fix data-race in do_raw_write_lock KCSAN reports: BUG: KCSAN: data-race in do_raw_write_lock / do_raw_wr… | |||
| CVE-2025-68338 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Don't free uninitialized ksz_irq If something goes wrong at setup, ksz_irq_free() can be called on uninitial… | |||
| CVE-2025-68339 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: atm/fore200e: Fix possible data race in fore200e_open() Protect access to fore200e->available_cell_rate with rate_mtx lock in the… | |||
| CVE-2025-68340 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of team_port_add Attempting to add a port device that is already up will expectedly… | |||
| CVE-2025-68341 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: veth: reduce XDP no_direct return section to fix race As explain in commit fa349e396e48 ("veth: Fix race with AF_XDP exposing old… | |||
| CVE-2025-68342 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing data The URB received in gs_usb_receive_bulk_ca… | |||
| CVE-2025-68343 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header The driver expects to receive a struct g… |